<?xml version="1.0"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
	<id>https://wiki.qnap.com/mediawiki/index.php?title=Block_ftp_hacking&amp;feed=atom&amp;action=history</id>
	<title>Block ftp hacking - Revision history</title>
	<link rel="self" type="application/atom+xml" href="https://wiki.qnap.com/mediawiki/index.php?title=Block_ftp_hacking&amp;feed=atom&amp;action=history"/>
	<link rel="alternate" type="text/html" href="https://wiki.qnap.com/mediawiki/index.php?title=Block_ftp_hacking&amp;action=history"/>
	<updated>2022-09-01T02:12:37Z</updated>
	<subtitle>Revision history for this page on the wiki</subtitle>
	<generator>MediaWiki 1.35.2</generator>
	<entry>
		<id>https://wiki.qnap.com/mediawiki/index.php?title=Block_ftp_hacking&amp;diff=351&amp;oldid=prev</id>
		<title>Admin: 1 revision imported</title>
		<link rel="alternate" type="text/html" href="https://wiki.qnap.com/mediawiki/index.php?title=Block_ftp_hacking&amp;diff=351&amp;oldid=prev"/>
		<updated>2015-06-22T00:58:48Z</updated>

		<summary type="html">&lt;p&gt;1 revision imported&lt;/p&gt;
&lt;p&gt;&lt;b&gt;New page&lt;/b&gt;&lt;/p&gt;&lt;div&gt;If you own a Qnap that does not have ftp / ip blocking built in, you can use the script/procedure described below to enhance security.&lt;br /&gt;
&lt;br /&gt;
This script will block specific IP addresses that have tried to login to your FTP server, but failed to enter a valid account. The number of failures and the time to block can be configured (default 3 failures and one hour).&lt;br /&gt;
&lt;br /&gt;
{|  border=&amp;quot;1&amp;quot; style=&amp;quot;color:red; background-color:#ffffcc;&amp;quot;&lt;br /&gt;
|align=&amp;quot;center&amp;quot; |'''This script can disable the HDD spindown functionality of your QNAP, thus causing premature harddisk failure!!!'''&lt;br /&gt;
&lt;br /&gt;
'''To prevent this, you need to mount your disks with the &amp;lt;tt&amp;gt;noatime&amp;lt;/tt&amp;gt; option, as discussed [http://forum.qnap.com/viewtopic.php?f=50&amp;amp;t=5680&amp;amp;p=26477&amp;amp;hilit=noatime#p26477 here].'''&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==== Skills required ====&lt;br /&gt;
You must be able to login to your qnap using telnet/ssh. Know how to use vi and you need to have logging turned on for your FTP server (see [[Ftp EnableLogging]]).&lt;br /&gt;
You also need to know how to make (persistent) changed to the crontab (see [[Add items to crontab]]).&lt;br /&gt;
&lt;br /&gt;
==== Steps involved ====&lt;br /&gt;
# turn on FTP Server logging &lt;br /&gt;
# rotate ftp server logfiles and restart server&lt;br /&gt;
# prepare proftpd config&lt;br /&gt;
# Watch Failed Logins (and block IPs)&lt;br /&gt;
# Unblock blocked IPs&lt;br /&gt;
# stop block script&lt;br /&gt;
&lt;br /&gt;
===== turn on FTP Server logging =====&lt;br /&gt;
([[Ftp EnableLogging]])&lt;br /&gt;
&lt;br /&gt;
Edit the proftpd configuration to include the following config items:&lt;br /&gt;
(customize the location of the log file to suit your needs)&lt;br /&gt;
&amp;lt;pre&amp;gt;&lt;br /&gt;
LogFormat               userlog &amp;quot;%u %P %a %h %t \&amp;quot;%r\&amp;quot; %s&amp;quot;&lt;br /&gt;
ExtendedLog             /share/MD0_DATA/.../ftplogs/proftpd.log AUTH,READ,WRITE userlog&lt;br /&gt;
&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===== rotate ftp server logfiles =====&lt;br /&gt;
Add an entry to the crontab to restart the proftpd ftp server during the night and also rotate the logfile; this will leave you with a freshly restarted ftp server and a log history of 10 days.&lt;br /&gt;
&lt;br /&gt;
Rotating the logfile will ensure the amount of log space you will need will not become too much.&lt;br /&gt;
&lt;br /&gt;
Add the following entry to your crontab (customize script location as desired):&lt;br /&gt;
&amp;lt;pre&amp;gt;35 4 * * * /share/custom/scripts/proftpd_clean.sh&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
and create the script (proftpd_clean.sh):&lt;br /&gt;
&amp;lt;pre&amp;gt;&lt;br /&gt;
#!/bin/sh&lt;br /&gt;
&lt;br /&gt;
# customize the location of the log files below:&lt;br /&gt;
/bin/mv /share/.../ftplogs/proftpd.log.8 /share/.../ftplogs/proftpd.log.9&lt;br /&gt;
/bin/mv /share/.../ftplogs/proftpd.log.7 /share/.../ftplogs/proftpd.log.8&lt;br /&gt;
/bin/mv /share/.../ftplogs/proftpd.log.6 /share/.../ftplogs/proftpd.log.7&lt;br /&gt;
/bin/mv /share/.../ftplogs/proftpd.log.5 /share/.../ftplogs/proftpd.log.6&lt;br /&gt;
/bin/mv /share/.../ftplogs/proftpd.log.4 /share/.../ftplogs/proftpd.log.5&lt;br /&gt;
/bin/mv /share/.../ftplogs/proftpd.log.3 /share/.../ftplogs/proftpd.log.4&lt;br /&gt;
/bin/mv /share/.../ftplogs/proftpd.log.2 /share/.../ftplogs/proftpd.log.3&lt;br /&gt;
/bin/mv /share/.../ftplogs/proftpd.log.1 /share/.../ftplogs/proftpd.log.2&lt;br /&gt;
/bin/mv /share/.../ftplogs/proftpd.log /share/.../ftplogs/proftpd.log.1&lt;br /&gt;
&lt;br /&gt;
#restart the ftp server:&lt;br /&gt;
/etc/init.d/ftp.sh restart&lt;br /&gt;
&lt;br /&gt;
#start a script to customize the proftpd.conf (optional)&lt;br /&gt;
#/share/custom/scripts/proftpd.sh&lt;br /&gt;
&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
===== prepare proftpd config =====&lt;br /&gt;
In order to run the script, the proftpd config file must contain a section for blocking access to the ftp server. You can use this section to manually block IP addresses (if you want) and the script will add IP addresses to this list as well.&lt;br /&gt;
&lt;br /&gt;
The following section must be added to the '''end''' of your proftpd.conf file (or '''to the end''' a file that you include into the proftpd.conf '''at the end'''):&lt;br /&gt;
&amp;lt;pre&amp;gt;&lt;br /&gt;
&amp;lt;Limit LOGIN&amp;gt;&lt;br /&gt;
  # Manually added blocked IP addresses:&lt;br /&gt;
  #Deny 1.2.3.4&lt;br /&gt;
  #######################################&lt;br /&gt;
  ## IPs below are automatically added ##&lt;br /&gt;
  #######################################&lt;br /&gt;
&amp;lt;/LIMIT&amp;gt;&lt;br /&gt;
&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
===== Watch Failed Logins =====&lt;br /&gt;
Next, a script must be put in place to monitor the proftpd logfile, detect login failures, store ip addresses that failed to login and (if the maxlogin for a specific IP is exceeded), block an ip address.&lt;br /&gt;
&lt;br /&gt;
Add the following entry to your crontab (customize script location as desired):&lt;br /&gt;
&amp;lt;pre&amp;gt;37 4 * * * /share/custom/scripts/proftpd_block.sh &amp;amp;&amp;lt;/pre&amp;gt;&lt;br /&gt;
and create the script (proftpd_block.sh):&lt;br /&gt;
&amp;lt;pre&amp;gt;&lt;br /&gt;
#!/bin/sh&lt;br /&gt;
# script name:  proftpd.block script&lt;br /&gt;
# location:     /share/custom/scripts&lt;br /&gt;
# purpose:      watch proftpd logfile and detect failed login attempts&lt;br /&gt;
# designed for Qnap TS-201&lt;br /&gt;
#&lt;br /&gt;
# this script asumes the following log config (in proftpd.conf):&lt;br /&gt;
# LogFormat               userlog &amp;quot;%u %P %a %h %t \&amp;quot;%r\&amp;quot; %s&amp;quot;&lt;br /&gt;
# ExtendedLog             /share/MD0_DATA/data/website/ftplogs/proftpd.log AUTH,READ,WRITE userlog&lt;br /&gt;
&lt;br /&gt;
datim=$(date +%F-%H%M)&lt;br /&gt;
# customize paths of files:&lt;br /&gt;
log2file=/share/.../ftplogs/block.log&lt;br /&gt;
# proftpd logfile:&lt;br /&gt;
logfile=/share/.../ftplogs/proftpd.log&lt;br /&gt;
# file that stores the ips that failed to login: &lt;br /&gt;
watchfile=/share/custom/scripts/proftpd_watch.ip&lt;br /&gt;
# tmp watch file (used when editing the file)&lt;br /&gt;
tmpfile=/share/custom/scripts/proftpd_watch.ip.new&lt;br /&gt;
&lt;br /&gt;
# path to your standard/customized proftpd.conf file&lt;br /&gt;
# the file must be manually edited to end with the following lines:&lt;br /&gt;
# &amp;lt;Limit LOGIN&amp;gt;&lt;br /&gt;
# #manually entered blocked ips:&lt;br /&gt;
# #1.2.3.4&lt;br /&gt;
# #######################################&lt;br /&gt;
# ## IPs below are automatically added ##&lt;br /&gt;
# #######################################&lt;br /&gt;
# &amp;lt;/Limit&amp;gt;&lt;br /&gt;
cfgfile=/share/custom/customized/proftpd.conf&lt;br /&gt;
# intermediate configfile (used when editing config)&lt;br /&gt;
tmpcfgfile=/share/custom/customized/proftpd.conf.new&lt;br /&gt;
# max number of filed logins per ip:&lt;br /&gt;
maxfailedlogin=3&lt;br /&gt;
&lt;br /&gt;
# manage logfiles:&lt;br /&gt;
#(customize location of logfiles!)&lt;br /&gt;
/bin/mv /share/.../ftplogs/block.log.8 /share/.../ftplogs/block.log.9&lt;br /&gt;
/bin/mv /share/.../ftplogs/block.log.7 /share/.../ftplogs/block.log.8&lt;br /&gt;
/bin/mv /share/.../ftplogs/block.log.6 /share/.../ftplogs/block.log.7&lt;br /&gt;
/bin/mv /share/.../ftplogs/block.log.5 /share/.../ftplogs/block.log.6&lt;br /&gt;
/bin/mv /share/.../ftplogs/block.log.4 /share/.../ftplogs/block.log.5&lt;br /&gt;
/bin/mv /share/.../ftplogs/block.log.3 /share/.../ftplogs/block.log.4&lt;br /&gt;
/bin/mv /share/.../ftplogs/block.log.2 /share/.../ftplogs/block.log.3&lt;br /&gt;
/bin/mv /share/.../ftplogs/block.log.1 /share/.../ftplogs/block.log.2&lt;br /&gt;
/bin/mv /share/.../ftplogs/block.log /share/.../ftplogs/block.log.1&lt;br /&gt;
echo $(date +%F-%H%M) &amp;quot;BCK: Starting Proftpd blocking...&amp;quot; $datim &amp;gt; $log2file&lt;br /&gt;
&lt;br /&gt;
# ensure the logfile exists, so the tail will not fail &amp;amp;exit the script:&lt;br /&gt;
touch $logfile&lt;br /&gt;
#tail the logfile:&lt;br /&gt;
tail -n 0 -f $logfile | while read logline &lt;br /&gt;
do&lt;br /&gt;
  ip=''&lt;br /&gt;
  result=''&lt;br /&gt;
  #echo $logline&lt;br /&gt;
  let ncount=0&lt;br /&gt;
  for e in $logline&lt;br /&gt;
  do&lt;br /&gt;
    let ncount=$ncount+1&lt;br /&gt;
    #echo $ncount $e&lt;br /&gt;
    if [ &amp;quot;x${ncount}&amp;quot; = &amp;quot;x3&amp;quot; ]; then&lt;br /&gt;
      ip=$e; &lt;br /&gt;
      #echo $ip;&lt;br /&gt;
    fi&lt;br /&gt;
    result=$e&lt;br /&gt;
  done&lt;br /&gt;
  #echo $ip: $result&lt;br /&gt;
  if [ &amp;quot;x$result&amp;quot; = &amp;quot;x530&amp;quot; ]; then&lt;br /&gt;
    # failed login&lt;br /&gt;
    echo $(date +%F-%H%M) 'BCK: FAILED login from' $ip &amp;gt;&amp;gt; $log2file&lt;br /&gt;
    &lt;br /&gt;
    # read attempts from watchfile&lt;br /&gt;
    #echo grep -i $ip $watchfile&lt;br /&gt;
    block=`grep -i $ip $watchfile`&lt;br /&gt;
    #echo $(date +%F-%H%M) $block &amp;gt;&amp;gt; $log2file&lt;br /&gt;
    &lt;br /&gt;
    let count=0&lt;br /&gt;
    if [ &amp;quot;x${block}&amp;quot; = &amp;quot;x&amp;quot; ]; then&lt;br /&gt;
      # new ip:&lt;br /&gt;
      echo $(date +%F-%H%M) 'BCK: new ip:' $ip &amp;gt;&amp;gt; $log2file&lt;br /&gt;
      let count=1&lt;br /&gt;
    else&lt;br /&gt;
      #existing ip&lt;br /&gt;
      echo $(date +%F-%H%M) 'BCK: existing ip' $ip &amp;gt;&amp;gt; $log2file&lt;br /&gt;
      # read nr attempts:&lt;br /&gt;
      let ncount=0&lt;br /&gt;
      for t in $block&lt;br /&gt;
      do&lt;br /&gt;
        let ncount=$ncount+1&lt;br /&gt;
        if [ &amp;quot;x${ncount}&amp;quot; = &amp;quot;x2&amp;quot; ]; then&lt;br /&gt;
          # nr of login attempts&lt;br /&gt;
          count=$t;&lt;br /&gt;
          #echo $t&lt;br /&gt;
        fi&lt;br /&gt;
      done&lt;br /&gt;
      let count=$count+1&lt;br /&gt;
      #echo $count&lt;br /&gt;
    fi&lt;br /&gt;
    # remove ip from watchlist&lt;br /&gt;
    grep -vi $ip $watchfile &amp;gt; $tmpfile&lt;br /&gt;
    mv $tmpfile $watchfile&lt;br /&gt;
    &lt;br /&gt;
    if expr $count \&amp;gt; $maxfailedlogin ; then&lt;br /&gt;
      echo $(date +%F-%H%M) 'BCK: Denying' $ip &amp;gt;&amp;gt; $log2file&lt;br /&gt;
      echo $ip 0 $(date +%s) $(date +%F-%H%M) &amp;gt;&amp;gt; $watchfile&lt;br /&gt;
      # must modify proftpd.conf&lt;br /&gt;
      grep -vi $ip $cfgfile | grep -vi /LIMIT &amp;gt; $tmpcfgfile&lt;br /&gt;
      &lt;br /&gt;
      #echo $(date +%F-%H%M) &amp;quot;BCK: Deny&amp;quot; $ip &amp;gt;&amp;gt; $log2file&lt;br /&gt;
      echo &amp;quot;  Deny&amp;quot; $ip &amp;gt;&amp;gt; $tmpcfgfile&lt;br /&gt;
      echo &amp;quot;&amp;lt;/LIMIT&amp;gt;&amp;quot; &amp;gt;&amp;gt; $tmpcfgfile&lt;br /&gt;
      &lt;br /&gt;
      mv $tmpcfgfile $cfgfile&lt;br /&gt;
      &lt;br /&gt;
      # and reread config:&lt;br /&gt;
      /etc/init.d/ftp.sh reconfig &amp;gt;&amp;gt; $log2file&lt;br /&gt;
    else  &lt;br /&gt;
      # add to watchfile :&lt;br /&gt;
      #echo $ip $count $(date +%F-%H%M)&lt;br /&gt;
      echo $(date +%F-%H%M) 'BCK: Inc Atttempts to' $count 'for' $ip &amp;gt;&amp;gt; $log2file&lt;br /&gt;
      echo $ip $count $(date +%s) $(date +%F-%H%M) &amp;gt;&amp;gt; $watchfile&lt;br /&gt;
    fi&lt;br /&gt;
  elif [ &amp;quot;x$result&amp;quot; = &amp;quot;x230&amp;quot; ]; then&lt;br /&gt;
    # login OK!&lt;br /&gt;
    echo $(date +%F-%H%M) 'BCK: login OK from' $ip &amp;gt;&amp;gt; $log2file&lt;br /&gt;
    &lt;br /&gt;
    blocked=`grep -i $ip $cfgfile`&lt;br /&gt;
    #echo 'blocked:' $blocked&lt;br /&gt;
    if [ &amp;quot;x$blocked&amp;quot; = &amp;quot;x&amp;quot; ] ; then&lt;br /&gt;
      echo $(date +%F-%H%M) 'BCK:' $ip 'not blocked in proftpd.conf' &amp;gt;&amp;gt; $log2file&lt;br /&gt;
    else&lt;br /&gt;
      # remove from config&lt;br /&gt;
      echo $(date +%F-%H%M) 'BCK: removing' $ip 'from proftpd.conf' &amp;gt;&amp;gt; $log2file&lt;br /&gt;
      grep -vi $ip $cfgfile &amp;gt; $tmpcfgfile&lt;br /&gt;
      &lt;br /&gt;
      mv $tmpcfgfile $cfgfile&lt;br /&gt;
      &lt;br /&gt;
      # and reread config:&lt;br /&gt;
      /etc/init.d/ftp.sh reconfig &amp;gt;&amp;gt; $log2file&lt;br /&gt;
    fi&lt;br /&gt;
    &lt;br /&gt;
    # remove ip from watch list&lt;br /&gt;
    blocked=`grep -i $ip $watchfile`&lt;br /&gt;
    if [ &amp;quot;x$blocked&amp;quot; = &amp;quot;x&amp;quot; ] ; then&lt;br /&gt;
      echo $(date +%F-%H%M) 'BCK:' $ip 'nothing to do' &amp;gt;&amp;gt; $log2file&lt;br /&gt;
    else&lt;br /&gt;
      echo $(date +%F-%H%M) 'BCK: removing' $ip 'from watchlist' &amp;gt;&amp;gt; $log2file&lt;br /&gt;
      grep -vi $ip $watchfile &amp;gt; $tmpfile&lt;br /&gt;
      mv $tmpfile $watchfile&lt;br /&gt;
    fi&lt;br /&gt;
  fi&lt;br /&gt;
done&lt;br /&gt;
&amp;lt;/pre&amp;gt;&lt;br /&gt;
===== Unblock blocked IPs =====&lt;br /&gt;
Blocked IP addresses will be automatically be unblocked after a timeout period (default an hour). Add the following entry to your crontab (customize script location as desired):&lt;br /&gt;
&amp;lt;pre&amp;gt;00 * * * * /share/custom/scripts/proftpd_block_check.sh&amp;lt;/pre&amp;gt;&lt;br /&gt;
'''Be aware:''' this crontab entry will wakeup your qnap every hour!&lt;br /&gt;
&lt;br /&gt;
and create the script (proftpd_block_check.sh):&lt;br /&gt;
&amp;lt;pre&amp;gt;#!/bin/sh&lt;br /&gt;
# script name:  proftpd.block.check script&lt;br /&gt;
# location:     /share/custom/scripts&lt;br /&gt;
# purpose:      unblock blocked ip addresses from proftpd.conf&lt;br /&gt;
# designed for Qnap TS-201&lt;br /&gt;
&lt;br /&gt;
datim=$(date +%F-%H%M)&lt;br /&gt;
# customize file locations!&lt;br /&gt;
log2file=/share/.../ftplogs/block.log&lt;br /&gt;
watchfile=/share/custom/scripts/proftpd_watch.ip&lt;br /&gt;
tmpfile=/share/custom/scripts/proftpd_watch.ip.new&lt;br /&gt;
# standard or your customized proftpd.conf:&lt;br /&gt;
cfgfile=/share/custom/customized/proftpd.conf&lt;br /&gt;
# tmp file, used when editing:&lt;br /&gt;
tmpcfgfile=/share/custom/customized/proftpd.conf.new&lt;br /&gt;
#block duration (in sec):&lt;br /&gt;
blocktime=3600&lt;br /&gt;
&lt;br /&gt;
echo $(date +%F-%H%M) 'CHK: checking expired records...' &amp;gt;&amp;gt; $log2file&lt;br /&gt;
&lt;br /&gt;
#ensure tmpfile is empty &amp;amp; exists:&lt;br /&gt;
rm $tmpfile 2&amp;gt;&amp;amp;1 &amp;gt;/dev/null&lt;br /&gt;
touch $tmpfile&lt;br /&gt;
&lt;br /&gt;
#init global vars:&lt;br /&gt;
let found=0&lt;br /&gt;
&lt;br /&gt;
# read through watchfile:&lt;br /&gt;
while read watchline&lt;br /&gt;
do&lt;br /&gt;
  echo $(date +%F-%H%M) 'CHK:' $watchline &amp;gt;&amp;gt; $log2file&lt;br /&gt;
  #init loop vars:&lt;br /&gt;
  ncount=0&lt;br /&gt;
  ip=''&lt;br /&gt;
  dt=''&lt;br /&gt;
  dt2=''&lt;br /&gt;
  # determine &amp;lt;date to unblock&lt;br /&gt;
  dt2=$(date +%s)&lt;br /&gt;
  dt2=$(($dt2 - $blocktime))&lt;br /&gt;
  # find blocked time &amp;amp; ip in line:&lt;br /&gt;
  for w in $watchline&lt;br /&gt;
  do&lt;br /&gt;
    let ncount=$ncount+1&lt;br /&gt;
    if [ &amp;quot;x$ncount&amp;quot; = &amp;quot;x1&amp;quot; ]; then&lt;br /&gt;
      ip=$w&lt;br /&gt;
    elif [ &amp;quot;x$ncount&amp;quot; = &amp;quot;x3&amp;quot; ]; then&lt;br /&gt;
      #datetime: blocked since (in secs)&lt;br /&gt;
      dt=$w&lt;br /&gt;
    fi&lt;br /&gt;
  done&lt;br /&gt;
  echo $(date +%F-%H%M) 'CHK: check if' $dt '&amp;lt;' $dt2 'for ip' $ip  &amp;gt;&amp;gt; $log2file&lt;br /&gt;
  if expr $dt \&amp;lt; $dt2 ; then&lt;br /&gt;
    blocked=`grep -i $ip $cfgfile`&lt;br /&gt;
    #echo 'blocked:' $blocked&lt;br /&gt;
    if [ &amp;quot;x${blocked}&amp;quot; = &amp;quot;x&amp;quot; ] ; then&lt;br /&gt;
      echo $(date +%F-%H%M) 'CHK: removed:' $watchline &amp;gt;&amp;gt; $log2file&lt;br /&gt;
    else&lt;br /&gt;
      echo $(date +%F-%H%M) 'CHK: removed: also remove' $ip 'from proftpd.conf' &amp;gt;&amp;gt; $log2file&lt;br /&gt;
      found=1&lt;br /&gt;
      grep -vi $ip $cfgfile &amp;gt; $tmpcfgfile&lt;br /&gt;
      mv $tmpcfgfile $cfgfile&lt;br /&gt;
      chown michiel.everyone $cfgfile&lt;br /&gt;
    fi&lt;br /&gt;
  else  &lt;br /&gt;
    echo $watchline &amp;gt;&amp;gt; $tmpfile&lt;br /&gt;
  fi&lt;br /&gt;
done &amp;lt; $watchfile&lt;br /&gt;
mv $tmpfile $watchfile&lt;br /&gt;
&lt;br /&gt;
echo $(date +%F-%H%M) 'CHK: found: ' $found &amp;gt;&amp;gt; $log2file&lt;br /&gt;
if expr $found \= 1 ; then&lt;br /&gt;
  # removed ips from watch list &amp;amp; config file; reread config file:&lt;br /&gt;
  echo $(date +%F-%H%M) 'CHK: Removed expired records' &amp;gt;&amp;gt; $log2file&lt;br /&gt;
  /etc/init.d/ftp.sh reconfig &amp;gt;&amp;gt; $log2file&lt;br /&gt;
fi&lt;br /&gt;
&lt;br /&gt;
echo $(date +%F-%H%M) 'CHK: checking expired records: done' &amp;gt;&amp;gt; $log2file&lt;br /&gt;
&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
===== Stop block script =====&lt;br /&gt;
The block script must be stopped, to stop the tail on the logfile. This stop is required, because the proftpd logfile will be rotated.&lt;br /&gt;
&lt;br /&gt;
&amp;lt;pre&amp;gt;34 4 * * * /share/custom/scripts/proftpd_block_stop.sh&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
and create the script (proftpd_block_stop.sh):&lt;br /&gt;
&amp;lt;pre&amp;gt;#!/bin/sh&lt;br /&gt;
# script name:  proftpd_block_stop.script&lt;br /&gt;
# location:     /share/custom/scripts&lt;br /&gt;
# purpose:      stop monitoring the proftpd log file and lock out ips&lt;br /&gt;
# designed for  Qnap TS-201&lt;br /&gt;
&lt;br /&gt;
#stop script from running:&lt;br /&gt;
kill -9 `ps -ef | grep proftpd_block.sh | cut -c 1-5`&lt;br /&gt;
kill -9 `ps -ef | grep /proftpd.log | cut -c 1-5`&lt;br /&gt;
&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
[[Category:FTP_Server]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
</feed>